CVE-2024-38302
https://notcve.org/view.php?id=CVE-2024-38302
A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000227053/dsa-2024-303-security-update-for-dell-data-lakehouse-system-software-for-multiple-security-vulnerabilities • CWE-311: Missing Encryption of Sensitive Data •
CVE-2024-40633 – Customer data leak via adjustments API endpoint in Sylius
https://notcve.org/view.php?id=CVE-2024-40633
Using these tokens, an attacker can access guest customer order details - sensitive guest customer information. • https://github.com/Sylius/Sylius/security/advisories/GHSA-55rf-8q29-4g43 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-42010 – IBM Sterling B2B Integrator Standard Edition information disclosure
https://notcve.org/view.php?id=CVE-2023-42010
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265507 https://www.ibm.com/support/pages/node/7160433 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2024-23467 – SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23467
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-23475 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23475
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •